I'm a software developer currently stuck to support CyberArk at a large company. I need to pull up a list of accounts that is belong to a certain user. For example, let's said I have a user account named Bob and I want to find all the accounts that belong to Bob in AD meaning on the Organization tab of a user properties, the Manager should be Bob.
I've absolutely zero knowledge regarding AD except the very basic. Is there a way to do it? I only have access to "Active Directory Users and Computers" tool and I'm not even sure if I have enough privilege to run script or install powershell to do it but would like to know the script or powershell command to do so if there is one.
Respuesta1
Install Powershell and the Quest cmdlets.
Then you could use something like this:
Get-QADUser -SearchRoot "DC=Company,DC=com" -LdapFilter '(&(manager=cn=Bart De Vos,ou=IT,dc=Company,dc=com)(objectCategory=User))'
You could also use the query in the advanced search box of AD.
(&(manager=cn=Bart De Vos,ou=IT,dc=Company,dc=com)(objectCategory=User))
You don't need any special rights for this, all members of the domain have full read-access to it.